diff --git a/.github/workflows/check-whitespace.yml b/.github/workflows/check-whitespace.yml deleted file mode 100644 index a241a63428bd20..00000000000000 --- a/.github/workflows/check-whitespace.yml +++ /dev/null @@ -1,91 +0,0 @@ -name: check-whitespace - -# Get the repository with all commits to ensure that we can analyze -# all of the commits contributed via the Pull Request. -# Process `git log --check` output to extract just the check errors. -# Exit with failure upon white-space issues. - -on: - pull_request: - types: [opened, synchronize] - -# Avoid unnecessary builds. Unlike the main CI jobs, these are not -# ci-configurable (but could be). -concurrency: - group: ${{ github.workflow }}-${{ github.ref }} - cancel-in-progress: true - -jobs: - check-whitespace: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - with: - fetch-depth: 0 - - - name: git log --check - id: check_out - run: | - baseSha=${{github.event.pull_request.base.sha}} - problems=() - commit= - commitText= - commitTextmd= - goodparent= - while read dash sha etc - do - case "${dash}" in - "---") - if test -z "${commit}" - then - goodparent=${sha} - fi - commit="${sha}" - commitText="${sha} ${etc}" - commitTextmd="[${sha}](https://github.com/${{ github.repository }}/commit/${sha}) ${etc}" - ;; - "") - ;; - *) - if test -n "${commit}" - then - problems+=("1) --- ${commitTextmd}") - echo "" - echo "--- ${commitText}" - commit= - fi - case "${dash}" in - *:[1-9]*:) # contains file and line number information - dashend=${dash#*:} - problems+=("[${dash}](https://github.com/${{ github.repository }}/blob/${{github.event.pull_request.head.ref}}/${dash%%:*}#L${dashend%:}) ${sha} ${etc}") - ;; - *) - problems+=("\`${dash} ${sha} ${etc}\`") - ;; - esac - echo "${dash} ${sha} ${etc}" - ;; - esac - done <<< $(git log --check --pretty=format:"---% h% s" ${baseSha}..) - - if test ${#problems[*]} -gt 0 - then - if test -z "${commit}" - then - goodparent=${baseSha: 0:7} - fi - echo "🛑 Please review the Summary output for further information." - echo "### :x: A whitespace issue was found in one or more of the commits." >$GITHUB_STEP_SUMMARY - echo "" >>$GITHUB_STEP_SUMMARY - echo "Run these commands to correct the problem:" >>$GITHUB_STEP_SUMMARY - echo "1. \`git rebase --whitespace=fix ${goodparent}\`" >>$GITHUB_STEP_SUMMARY - echo "1. \`git push --force\`" >>$GITHUB_STEP_SUMMARY - echo " " >>$GITHUB_STEP_SUMMARY - echo "Errors:" >>$GITHUB_STEP_SUMMARY - for i in "${problems[@]}" - do - echo "${i}" >>$GITHUB_STEP_SUMMARY - done - - exit 2 - fi diff --git a/.github/workflows/coverity.yml b/.github/workflows/coverity.yml deleted file mode 100644 index 53cf12fe044425..00000000000000 --- a/.github/workflows/coverity.yml +++ /dev/null @@ -1,163 +0,0 @@ -name: Coverity - -# This GitHub workflow automates submitting builds to Coverity Scan. To enable it, -# set the repository variable `ENABLE_COVERITY_SCAN_FOR_BRANCHES` (for details, see -# https://docs.github.com/en/actions/learn-github-actions/variables) to a JSON -# string array containing the names of the branches for which the workflow should be -# run, e.g. `["main", "next"]`. -# -# In addition, two repository secrets must be set (for details how to add secrets, see -# https://docs.github.com/en/actions/security-guides/using-secrets-in-github-actions): -# `COVERITY_SCAN_EMAIL` and `COVERITY_SCAN_TOKEN`. The former specifies the -# email to which the Coverity reports should be sent and the latter can be -# obtained from the Project Settings tab of the Coverity project). -# -# The workflow runs on `ubuntu-latest` by default. This can be overridden by setting -# the repository variable `ENABLE_COVERITY_SCAN_ON_OS` to a JSON string array specifying -# the operating systems, e.g. `["ubuntu-latest", "windows-latest"]`. -# -# By default, the builds are submitted to the Coverity project `git`. To override this, -# set the repository variable `COVERITY_PROJECT`. - -on: - push: - -defaults: - run: - shell: bash - -jobs: - coverity: - if: contains(fromJSON(vars.ENABLE_COVERITY_SCAN_FOR_BRANCHES || '[""]'), github.ref_name) - strategy: - matrix: - os: ${{ fromJSON(vars.ENABLE_COVERITY_SCAN_ON_OS || '["ubuntu-latest"]') }} - runs-on: ${{ matrix.os }} - env: - COVERITY_PROJECT: ${{ vars.COVERITY_PROJECT || 'git' }} - COVERITY_LANGUAGE: cxx - COVERITY_PLATFORM: overridden-below - steps: - - uses: actions/checkout@v4 - - name: install minimal Git for Windows SDK - if: contains(matrix.os, 'windows') - uses: git-for-windows/setup-git-for-windows-sdk@v1 - - run: ci/install-dependencies.sh - if: contains(matrix.os, 'ubuntu') || contains(matrix.os, 'macos') - env: - runs_on_pool: ${{ matrix.os }} - - # The Coverity site says the tool is usually updated twice yearly, so the - # MD5 of download can be used to determine whether there's been an update. - - name: get the Coverity Build Tool hash - id: lookup - run: | - case "${{ matrix.os }}" in - *windows*) - COVERITY_PLATFORM=win64 - COVERITY_TOOL_FILENAME=cov-analysis.zip - MAKEFLAGS=-j$(nproc) - ;; - *macos*) - COVERITY_PLATFORM=macOSX - COVERITY_TOOL_FILENAME=cov-analysis.dmg - MAKEFLAGS=-j$(sysctl -n hw.physicalcpu) - ;; - *ubuntu*) - COVERITY_PLATFORM=linux64 - COVERITY_TOOL_FILENAME=cov-analysis.tgz - MAKEFLAGS=-j$(nproc) - ;; - *) - echo '::error::unhandled OS ${{ matrix.os }}' >&2 - exit 1 - ;; - esac - echo "COVERITY_PLATFORM=$COVERITY_PLATFORM" >>$GITHUB_ENV - echo "COVERITY_TOOL_FILENAME=$COVERITY_TOOL_FILENAME" >>$GITHUB_ENV - echo "MAKEFLAGS=$MAKEFLAGS" >>$GITHUB_ENV - MD5=$(curl https://scan.coverity.com/download/$COVERITY_LANGUAGE/$COVERITY_PLATFORM \ - --fail \ - --form token='${{ secrets.COVERITY_SCAN_TOKEN }}' \ - --form project="$COVERITY_PROJECT" \ - --form md5=1) - case $? in - 0) ;; # okay - 22) # 40x, i.e. access denied - echo "::error::incorrect token or project?" >&2 - exit 1 - ;; - *) # other error - echo "::error::Failed to retrieve MD5" >&2 - exit 1 - ;; - esac - echo "hash=$MD5" >>$GITHUB_OUTPUT - - # Try to cache the tool to avoid downloading 1GB+ on every run. - # A cache miss will add ~30s to create, but a cache hit will save minutes. - - name: restore the Coverity Build Tool - id: cache - uses: actions/cache/restore@v4 - with: - path: ${{ runner.temp }}/cov-analysis - key: cov-build-${{ env.COVERITY_LANGUAGE }}-${{ env.COVERITY_PLATFORM }}-${{ steps.lookup.outputs.hash }} - - name: download the Coverity Build Tool (${{ env.COVERITY_LANGUAGE }} / ${{ env.COVERITY_PLATFORM}}) - if: steps.cache.outputs.cache-hit != 'true' - run: | - curl https://scan.coverity.com/download/$COVERITY_LANGUAGE/$COVERITY_PLATFORM \ - --fail --no-progress-meter \ - --output $RUNNER_TEMP/$COVERITY_TOOL_FILENAME \ - --form token='${{ secrets.COVERITY_SCAN_TOKEN }}' \ - --form project="$COVERITY_PROJECT" - - name: extract the Coverity Build Tool - if: steps.cache.outputs.cache-hit != 'true' - run: | - case "$COVERITY_TOOL_FILENAME" in - *.tgz) - mkdir $RUNNER_TEMP/cov-analysis && - tar -xzf $RUNNER_TEMP/$COVERITY_TOOL_FILENAME --strip 1 -C $RUNNER_TEMP/cov-analysis - ;; - *.dmg) - cd $RUNNER_TEMP && - attach="$(hdiutil attach $COVERITY_TOOL_FILENAME)" && - volume="$(echo "$attach" | cut -f 3 | grep /Volumes/)" && - mkdir cov-analysis && - cd cov-analysis && - sh "$volume"/cov-analysis-macosx-*.sh && - ls -l && - hdiutil detach "$volume" - ;; - *.zip) - cd $RUNNER_TEMP && - mkdir cov-analysis-tmp && - unzip -d cov-analysis-tmp $COVERITY_TOOL_FILENAME && - mv cov-analysis-tmp/* cov-analysis - ;; - *) - echo "::error::unhandled archive type: $COVERITY_TOOL_FILENAME" >&2 - exit 1 - ;; - esac - - name: cache the Coverity Build Tool - if: steps.cache.outputs.cache-hit != 'true' - uses: actions/cache/save@v4 - with: - path: ${{ runner.temp }}/cov-analysis - key: cov-build-${{ env.COVERITY_LANGUAGE }}-${{ env.COVERITY_PLATFORM }}-${{ steps.lookup.outputs.hash }} - - name: build with cov-build - run: | - export PATH="$RUNNER_TEMP/cov-analysis/bin:$PATH" && - cov-configure --gcc && - cov-build --dir cov-int make - - name: package the build - run: tar -czvf cov-int.tgz cov-int - - name: submit the build to Coverity Scan - run: | - curl \ - --fail \ - --form token='${{ secrets.COVERITY_SCAN_TOKEN }}' \ - --form email='${{ secrets.COVERITY_SCAN_EMAIL }}' \ - --form file=@cov-int.tgz \ - --form version='${{ github.sha }}' \ - "https://scan.coverity.com/builds?project=$COVERITY_PROJECT" diff --git a/.github/workflows/l10n.yml b/.github/workflows/l10n.yml deleted file mode 100644 index 6c3849658aa061..00000000000000 --- a/.github/workflows/l10n.yml +++ /dev/null @@ -1,111 +0,0 @@ -name: git-l10n - -on: [push, pull_request_target] - -# Avoid unnecessary builds. Unlike the main CI jobs, these are not -# ci-configurable (but could be). -concurrency: - group: ${{ github.workflow }}-${{ github.ref }} - cancel-in-progress: true - -jobs: - git-po-helper: - if: >- - endsWith(github.repository, '/git-po') || - contains(github.head_ref, 'l10n') || - contains(github.ref, 'l10n') - runs-on: ubuntu-latest - permissions: - pull-requests: write - steps: - - name: Setup base and head objects - id: setup-tips - run: | - if test "${{ github.event_name }}" = "pull_request_target" - then - base=${{ github.event.pull_request.base.sha }} - head=${{ github.event.pull_request.head.sha }} - else - base=${{ github.event.before }} - head=${{ github.event.after }} - fi - echo base=$base >>$GITHUB_OUTPUT - echo head=$head >>$GITHUB_OUTPUT - - name: Run partial clone - run: | - git -c init.defaultBranch=master init --bare . - git remote add \ - --mirror=fetch \ - origin \ - https://github.com/${{ github.repository }} - # Fetch tips that may be unreachable from github.ref: - # - For a forced push, "$base" may be unreachable. - # - For a "pull_request_target" event, "$head" may be unreachable. - args= - for commit in \ - ${{ steps.setup-tips.outputs.base }} \ - ${{ steps.setup-tips.outputs.head }} - do - case $commit in - *[^0]*) - args="$args $commit" - ;; - *) - # Should not fetch ZERO-OID. - ;; - esac - done - git -c protocol.version=2 fetch \ - --progress \ - --no-tags \ - --no-write-fetch-head \ - --filter=blob:none \ - origin \ - ${{ github.ref }} \ - $args - - uses: actions/setup-go@v2 - with: - go-version: '>=1.16' - - name: Install git-po-helper - run: go install github.com/git-l10n/git-po-helper@main - - name: Install other dependencies - run: | - sudo apt-get update -q && - sudo apt-get install -q -y gettext - - name: Run git-po-helper - id: check-commits - run: | - exit_code=0 - git-po-helper check-commits \ - --github-action-event="${{ github.event_name }}" -- \ - ${{ steps.setup-tips.outputs.base }}..${{ steps.setup-tips.outputs.head }} \ - >git-po-helper.out 2>&1 || exit_code=$? - if test $exit_code -ne 0 || grep -q WARNING git-po-helper.out - then - # Remove ANSI colors which are proper for console logs but not - # proper for PR comment. - echo "COMMENT_BODY<>$GITHUB_ENV - perl -pe 's/\e\[[0-9;]*m//g; s/\bEOF$//g' git-po-helper.out >>$GITHUB_ENV - echo "EOF" >>$GITHUB_ENV - fi - cat git-po-helper.out - exit $exit_code - - name: Create comment in pull request for report - uses: mshick/add-pr-comment@v1 - if: >- - always() && - github.event_name == 'pull_request_target' && - env.COMMENT_BODY != '' - with: - repo-token: ${{ secrets.GITHUB_TOKEN }} - repo-token-user-login: 'github-actions[bot]' - message: > - ${{ steps.check-commits.outcome == 'failure' && 'Errors and warnings' || 'Warnings' }} - found by [git-po-helper](https://github.com/git-l10n/git-po-helper#readme) in workflow - [#${{ github.run_number }}](${{ env.GITHUB_SERVER_URL }}/${{ github.repository }}/actions/runs/${{ github.run_id }}): - - ``` - - ${{ env.COMMENT_BODY }} - - ```